Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 1,354 articles for you...
100

SUSE: 2024:2668-1 Moderate: CDI Containers Security Fixes

Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 . # Security update for cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont Announcement ID: SUSE-SU-2024:2668-1 Rating: moderate References: Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that can now be installed. ## Description: This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller- container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy- container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.59.0 * Release notes importer/releases/tag/v1.59.0 * Release notes importer/releases/tag/v1.58.1 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2668=1 openSUSE-SLE-15.5-2024-2668=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2668=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2668=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-2668=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * containerized-data-importer-controller-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-uploadproxy-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-uploadserver-debuginfo-1.59.0-150500.6.18.1 *obs-service-cdi_containers_meta-1.59.0-150500.6.18.1 * containerized-data-importer-controller-1.59.0-150500.6.18.1 * containerized-data-importer-api-1.59.0-150500.6.18.1 * containerized-data-importer-importer-1.59.0-150500.6.18.1 * containerized-data-importer-operator-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-uploadserver-1.59.0-150500.6.18.1 * containerized-data-importer-operator-1.59.0-150500.6.18.1 * containerized-data-importer-cloner-1.59.0-150500.6.18.1 * containerized-data-importer-uploadproxy-1.59.0-150500.6.18.1 * containerized-data-importer-manifests-1.59.0-150500.6.18.1 * containerized-data-importer-cloner-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-api-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-importer-debuginfo-1.59.0-150500.6.18.1 * openSUSE Leap Micro 5.5 (x86_64) * containerized-data-importer-manifests-1.59.0-150500.6.18.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * containerized-data-importer-manifests-1.59.0-150500.6.18.1 * Containers Module 15-SP5 (x86_64) * containerized-data-importer-manifests-1.59.0-150500.6.18.1 . This release resolves substantial concerns in various CDI containers for SUSE and openSUSE customers. Please apply the newest updates.. SUSE 15 SP5 Update, cdi-apiserver-container, Container Security Advisory. . LinuxSecurity.com Team

Calendar%202 Jul 30, 2024 SuSE
100

SUSE: 2024:1989-1 Important: CDI Containers Security Fix for CVE-2024-3727

* bsc#1224119 Cross-References: * CVE-2024-3727 . # Security update for cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont Announcement ID: SUSE-SU-2024:1989-1 Rating: important References: * bsc#1224119 Cross-References: * CVE-2024-3727 CVSS scores: * CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller- container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy- container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: * Bump github.com/containers/image/v5 (bsc#1224119, CVE-2024-3727) * Remove SLE15 SP4 from the distro check (end of general support) * Add LABEL with source URL ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-1989=1 openSUSE-SLE-15.6-2024-1989=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-1989=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * containerized-data-importer-uploadserver-1.58.0-150600.3.3.2 * containerized-data-importer-controller-1.58.0-150600.3.3.2 * containerized-data-importer-cloner-1.58.0-150600.3.3.2 * containerized-data-importer-uploadproxy-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-manifests-1.58.0-150600.3.3.2 *containerized-data-importer-api-1.58.0-150600.3.3.2 * containerized-data-importer-operator-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-importer-1.58.0-150600.3.3.2 * containerized-data-importer-uploadserver-debuginfo-1.58.0-150600.3.3.2 * obs-service-cdi_containers_meta-1.58.0-150600.3.3.2 * containerized-data-importer-operator-1.58.0-150600.3.3.2 * containerized-data-importer-importer-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-api-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-controller-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-cloner-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-uploadproxy-1.58.0-150600.3.3.2 * Containers Module 15-SP6 (x86_64) * containerized-data-importer-manifests-1.58.0-150600.3.3.2 ## References: * https://www.suse.com/security/cve/CVE-2024-3727.html * https://bugzilla.suse.com/show_bug.cgi?id=1224119 . This revision rectifies a critical security flaw present in various CDI environments. It is essential to apply the update swiftly for maximum protection.. cdi-container, SUSE security update, important security patch, container update, CVE-2024-3727. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 11, 2024 Important SuSE
100

openSUSE: 2024:1412-2 Critical: Kubevirt Security Update

* bsc#1222699 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 . # Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t Announcement ID: SUSE-SU-2024:1311-1 Rating: important References: * bsc#1222699 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one security fix can now be installed. ## Description: This update for kubevirt, virt-api-container, virt-controller-container, virt- exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator- container, virt-pr-helper-container fixes the following issues: * Improve the OrdinalPodInterfaceName mechanism (bsc#1222699) Also containers were rebuilt against the current released updates. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1311=1 SUSE-2024-1311=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1311=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1311=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kubevirt-virt-exportserver-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-controller-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-controller-1.1.1-150500.8.15.1 * kubevirt-virtctl-1.1.1-150500.8.15.1 * obs-service-kubevirt_containers_meta-1.1.1-150500.8.15.1 *kubevirt-pr-helper-conf-1.1.1-150500.8.15.1 * kubevirt-virt-api-1.1.1-150500.8.15.1 * kubevirt-virt-exportproxy-1.1.1-150500.8.15.1 * kubevirt-virt-api-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-operator-1.1.1-150500.8.15.1 * kubevirt-container-disk-1.1.1-150500.8.15.1 * kubevirt-virt-launcher-debuginfo-1.1.1-150500.8.15.1 * kubevirt-tests-1.1.1-150500.8.15.1 * kubevirt-virt-exportproxy-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-operator-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virtctl-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-launcher-1.1.1-150500.8.15.1 * kubevirt-manifests-1.1.1-150500.8.15.1 * kubevirt-virt-exportserver-1.1.1-150500.8.15.1 * kubevirt-virt-handler-1.1.1-150500.8.15.1 * kubevirt-tests-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-handler-debuginfo-1.1.1-150500.8.15.1 * kubevirt-container-disk-debuginfo-1.1.1-150500.8.15.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kubevirt-manifests-1.1.1-150500.8.15.1 * kubevirt-virtctl-1.1.1-150500.8.15.1 * kubevirt-virtctl-debuginfo-1.1.1-150500.8.15.1 * Containers Module 15-SP5 (x86_64) * kubevirt-manifests-1.1.1-150500.8.15.1 * kubevirt-virtctl-1.1.1-150500.8.15.1 * kubevirt-virtctl-debuginfo-1.1.1-150500.8.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222699 . SUSE announces a vital upgrade for kubevirt and associated containers, tackling significant security vulnerabilities and corrections.. kubevirt patch, SUSE security update, openSUSE containers fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 16, 2024 Important SuSE
217

Oracle Linux 8 ELSA-2024-12192 Moderate: Podman Security Update

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-12191 https://linux.oracle.com/errata/ELSA-2024-12191.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: buildah-1.24.6-7.module+el8.9.0+90165+ead7974e.x86_64.rpm buildah-tests-1.24.6-7.module+el8.9.0+90165+ead7974e.x86_64.rpm cockpit-podman-46-1.module+el8.9.0+90165+ead7974e.noarch.rpm cockpit-podman-46-1.module+el8.9.0+90165+ead7974e.noarch.rpm conmon-2.1.4-2.module+el8.9.0+90165+ead7974e.x86_64.rpm containernetworking-plugins-1.1.1-6.module+el8.9.0+90165+ead7974e.x86_64.rpm containernetworking-plugins-1.1.1-6.module+el8.9.0+90165+ead7974e.x86_64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm netavark-1.0.1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm container-selinux-2.205.0-3.module+el8.9.0+90165+ead7974e.noarch.rpm container-selinux-2.205.0-3.module+el8.9.0+90165+ead7974e.noarch.rpm criu-3.15-3.module+el8.9.0+90165+ead7974e.x86_64.rpm crit-3.15-3.module+el8.9.0+90165+ead7974e.x86_64.rpm python3-criu-3.15-3.module+el8.9.0+90165+ead7974e.x86_64.rpm criu-devel-3.15-3.module+el8.9.0+90165+ead7974e.x86_64.rpm criu-libs-3.15-3.module+el8.9.0+90165+ead7974e.x86_64.rpm crun-1.8.7-1.module+el8.9.0+90165+ead7974e.x86_64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90165+ead7974e.x86_64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90165+ead7974e.x86_64.rpm libslirp-4.4.0-1.module+el8.9.0+90165+ead7974e.x86_64.rpm libslirp-devel-4.4.0-1.module+el8.9.0+90165+ead7974e.x86_64.rpm oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-docker-4.0.2-26.module+el8.9.0+90165+ead7974e.noarch.rpm podman-docker-4.0.2-26.module+el8.9.0+90165+ead7974e.noarch.rpm podman-remote-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-tests-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-plugins-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-catatonit-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-gvproxy-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm python3-podman-4.0.0-2.module+el8.9.0+90165+ead7974e.noarch.rpm runc-1.1.12-1.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm runc-1.1.12-1.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm skopeo-1.6.2-9.module+el8.9.0+90165+ead7974e.x86_64.rpm skopeo-tests-1.6.2-9.module+el8.9.0+90165+ead7974e.x86_64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90165+ead7974e.x86_64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90165+ead7974e.x86_64.rpm udica-0.2.6-4.module+el8.9.0+90165+ead7974e.noarch.rpm aarch64: buildah-1.24.6-7.module+el8.9.0+90165+ead7974e.aarch64.rpm buildah-tests-1.24.6-7.module+el8.9.0+90165+ead7974e.aarch64.rpm cockpit-podman-46-1.module+el8.9.0+90165+ead7974e.noarch.rpm cockpit-podman-46-1.module+el8.9.0+90165+ead7974e.noarch.rpm conmon-2.1.4-2.module+el8.9.0+90165+ead7974e.aarch64.rpm containernetworking-plugins-1.1.1-6.module+el8.9.0+90165+ead7974e.aarch64.rpm containernetworking-plugins-1.1.1-6.module+el8.9.0+90165+ead7974e.aarch64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm netavark-1.0.1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm container-selinux-2.205.0-3.module+el8.9.0+90165+ead7974e.noarch.rpm container-selinux-2.205.0-3.module+el8.9.0+90165+ead7974e.noarch.rpm criu-3.15-3.module+el8.9.0+90165+ead7974e.aarch64.rpm crit-3.15-3.module+el8.9.0+90165+ead7974e.aarch64.rpm python3-criu-3.15-3.module+el8.9.0+90165+ead7974e.aarch64.rpm criu-devel-3.15-3.module+el8.9.0+90165+ead7974e.aarch64.rpm criu-libs-3.15-3.module+el8.9.0+90165+ead7974e.aarch64.rpm crun-1.8.7-1.module+el8.9.0+90165+ead7974e.aarch64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90165+ead7974e.aarch64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90165+ead7974e.aarch64.rpm libslirp-4.4.0-1.module+el8.9.0+90165+ead7974e.aarch64.rpm libslirp-devel-4.4.0-1.module+el8.9.0+90165+ead7974e.aarch64.rpm oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-docker-4.0.2-26.module+el8.9.0+90165+ead7974e.noarch.rpm podman-docker-4.0.2-26.module+el8.9.0+90165+ead7974e.noarch.rpm podman-remote-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-tests-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-plugins-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-catatonit-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-gvproxy-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm python3-podman-4.0.0-2.module+el8.9.0+90165+ead7974e.noarch.rpm runc-1.1.12-1.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm runc-1.1.12-1.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm skopeo-1.6.2-9.module+el8.9.0+90165+ead7974e.aarch64.rpm skopeo-tests-1.6.2-9.module+el8.9.0+90165+ead7974e.aarch64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90165+ead7974e.aarch64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90165+ead7974e.aarch64.rpm udica-0.2.6-4.module+el8.9.0+90165+ead7974e.noarch.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//buildah-1.24.6-7.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//cockpit-podman-46-1.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//conmon-2.1.4-2.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//containernetworking-plugins-1.1.1-6.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//container-selinux-2.205.0-3.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//criu-3.15-3.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//crun-1.8.7-1.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//fuse-overlayfs-1.9-2.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//libslirp-4.4.0-1.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//podman-4.0.2-26.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//python-podman-4.0.0-2.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//runc-1.1.12-1.0.1.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//skopeo-1.6.2-9.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//slirp4netns-1.1.8-3.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//udica-0.2.6-4.module+el8.9.0+90165+ead7974e.src.rpm Related CVEs: CVE-2023-39326 Description of changes: buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp oci-seccomp-bpf-hook podman [2:4.0.2-26] - rebuild with golang 1.20.12 for CVE-2023-39326 python-podman runc [1:1.1.12-1.0.1] - rebuild with golang 1.20.12 for CVE-2023-39326 skopeo slirp4netns udica _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux has issued a security patch for buildah, mitigating a moderate vulnerability. Make sure to check for updates immediately!. Oracle Linux, Buildah Update, Container Security, Security Advisory. . LinuxSecurity.com Team

Calendar%202 Mar 05, 2024 Oracle
100

SUSE: 2024:416-1 Moderate: bci/rust Path Traversal Issue

The container bci/rust was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/rust ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:416-1 Container Tags : bci/rust:1.74 , bci/rust:1.74-2.3.9 , bci/rust:oldstable , bci/rust:oldstable-2.3.9 Container Release : 3.9 Severity : moderate Type : security References : 1218571 CVE-2023-7207 ----------------------------------------------------------------- The container bci/rust was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:238-1 Released: Fri Jan 26 10:56:41 2024 Summary: Security update for cpio Type: security Severity: moderate References: 1218571,CVE-2023-7207 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571). The following package changes have been done: - libuuid1-2.37.4-150500.9.3.1 updated - libsmartcols1-2.37.4-150500.9.3.1 updated - libblkid1-2.37.4-150500.9.3.1 updated - libfdisk1-2.37.4-150500.9.3.1 updated - cpio-2.13-150400.3.3.1 updated - libmount1-2.37.4-150500.9.3.1 updated - util-linux-2.37.4-150500.9.3.1 updated - container:sles15-image-15.0.0-36.5.77 updated . The bci/rust container has been revised to include essential security upgrades. Discover the resolution applied to the path traversal vulnerability that was addressed.. bci/rust update, container security, SUSE advisory. . LinuxSecurity.com Team

Calendar%202 Jan 31, 2024 SuSE
100

SUSE: 2024:403-1 Moderate: bci/dotnet-sdk Path Traversal

The container bci/dotnet-sdk was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/dotnet-sdk ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:403-1 Container Tags : bci/dotnet-sdk:8.0 , bci/dotnet-sdk:8.0-3.4 , bci/dotnet-sdk:8.0.1 , bci/dotnet-sdk:8.0.1-3.4 , bci/dotnet-sdk:latest Container Release : 3.4 Severity : moderate Type : security References : 1218571 CVE-2023-7207 ----------------------------------------------------------------- The container bci/dotnet-sdk was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:238-1 Released: Fri Jan 26 10:56:41 2024 Summary: Security update for cpio Type: security Severity: moderate References: 1218571,CVE-2023-7207 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571). The following package changes have been done: - libuuid1-2.37.4-150500.9.3.1 updated - libsmartcols1-2.37.4-150500.9.3.1 updated - libblkid1-2.37.4-150500.9.3.1 updated - libfdisk1-2.37.4-150500.9.3.1 updated - cpio-2.13-150400.3.3.1 updated - libmount1-2.37.4-150500.9.3.1 updated - util-linux-2.37.4-150500.9.3.1 updated - container:sles15-image-15.0.0-36.5.77 updated . A security enhancement for SUSE bci/dotnet-sdk resolves path manipulation vulnerabilities and incorporates vital fixes.. Container Updates, Security Patches, bci/dotnet-sdk. . LinuxSecurity.com Team

Calendar%202 Jan 30, 2024 SuSE
100

SUSE 2024:399-2 Moderate Alert: Directory Traversal in suse/rmt-postgres

The container suse/rmt-mariadb was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/rmt-mariadb ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:399-1 Container Tags : suse/mariadb:10.6 , suse/mariadb:10.6-17.8 , suse/mariadb:latest , suse/rmt-mariadb:10.6 , suse/rmt-mariadb:10.6-17.8 , suse/rmt-mariadb:latest Container Release : 17.8 Severity : moderate Type : security References : 1218571 CVE-2023-7207 ----------------------------------------------------------------- The container suse/rmt-mariadb was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:238-1 Released: Fri Jan 26 10:56:41 2024 Summary: Security update for cpio Type: security Severity: moderate References: 1218571,CVE-2023-7207 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571). The following package changes have been done: - libuuid1-2.37.4-150500.9.3.1 updated - libsmartcols1-2.37.4-150500.9.3.1 updated - libblkid1-2.37.4-150500.9.3.1 updated - libfdisk1-2.37.4-150500.9.3.1 updated - cpio-2.13-150400.3.3.1 updated - libmount1-2.37.4-150500.9.3.1 updated - util-linux-2.37.4-150500.9.3.1 updated - container:sles15-image-15.0.0-36.5.76 updated . SUSE Container Security Notice tackles vulnerabilities in suse/rmt-mariadb, aiming to enhance overall system resilience.. SUSE Container, suse/rmt-mariadb, security update, path traversal, cpio. . LinuxSecurity.com Team

Calendar%202 Jan 29, 2024 SuSE
100

SUSE: 2024:399-2 Moderate: suse/rmt-mariadb-client Path Traversal

The container suse/rmt-mariadb-client was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/rmt-mariadb-client ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:398-1 Container Tags : suse/mariadb-client:10.6 , suse/mariadb-client:10.6-14.8 , suse/mariadb-client:latest , suse/rmt-mariadb-client:10.6 , suse/rmt-mariadb-client:10.6-14.8 , suse/rmt-mariadb-client:latest Container Release : 14.8 Severity : moderate Type : security References : 1218571 CVE-2023-7207 ----------------------------------------------------------------- The container suse/rmt-mariadb-client was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:238-1 Released: Fri Jan 26 10:56:41 2024 Summary: Security update for cpio Type: security Severity: moderate References: 1218571,CVE-2023-7207 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571). The following package changes have been done: - libuuid1-2.37.4-150500.9.3.1 updated - libsmartcols1-2.37.4-150500.9.3.1 updated - libblkid1-2.37.4-150500.9.3.1 updated - libfdisk1-2.37.4-150500.9.3.1 updated - cpio-2.13-150400.3.3.1 updated - libmount1-2.37.4-150500.9.3.1 updated - util-linux-2.37.4-150500.9.3.1 updated - container:sles15-image-15.0.0-36.5.76 updated . SUSE Container Bulletin SUSE-CU-2024:399-1 delivers patches for suse/rmt-mariadb-server addressing moderate privilege escalation vulnerabilities.. SUSE Container Update, suse/rmt-mariadb-client, Path Traversal, Security Advisory. . LinuxSecurity.com Team

Calendar%202 Jan 29, 2024 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200